Michiel Boland

**Name of the Vulnerable Software and Affected Versions** Mathopd versions 1.2 through 1.5b13 **Description** A buffer overflow issue exists in the prepare reply function in request.c, which can be triggered by a remote attacker sending an HTTP request with a long path. This can cause a denial of service (server crash) and potentially allow the execution of arbitrary code. **Recommendations** For Mathopd versions 1.2 through 1.5b13, consider disabling the prepare reply function in request.c as a temporary workaround until a patch is available. Restrict access to the server to minimize the risk of exploitation.